Skip to main content

Data On Millions Of Americans Leaked Through Open Server 

By December 13, 2018June 2nd, 2022Cybersecurity

Bob Diachenko, the Director of Cyber Risk Research for Hacken, recently made a disturbing discovery.  He found an ElasticSearch server open and vulnerable on the internet, without so much as a password to protect it.

Unfortunately, the server was leaking a staggering 73GB of data and had a number of databases cached inside the server’s memory.  In one of those databases, Diachenko discovered more than 56 million records containing personally identifiable information belonging to US citizens around the country.

In the majority of cases, the exposed information was limited to:

  • Full name
  • Email address
  • Street address (including Zip Code)
  • Phone number or numbers
  • IP addresses

Sadly, to an even moderately talented hacker, that’s more than enough information to fake someone’s identity. That means the data has real value on the Dark Web and may be being sold off as you read these words.

Another of the databases contained nearly twenty-six million records containing business information.

In this case, the exposed information included:

  • Company name and brief description
  • Zip codes and carrier routes
  • Latitude and longitude coordinates
  • Census tracts
  • Website addresses
  • Email addresses
  • Employee headcounts
  • Revenue numbers
  • Phone numbers
  • SIC codes
  • NAICS codes
  • And the like

Diachenko made the discovery on November 20th, but upon further research discovered that it had actually been indexed by Shoddan on November 14th.  He was not able to determine who owned the exposed server, but based on a few breadcrumbs he did find, he concluded that it’s likely owned by the Canadian data firm “Data and Leads,” or that the company is at least indirectly connected to the server somehow.

The firm did not respond to inquiries made by Diachenko, or later, by ZDNet. Shortly after those requests for comment were made, the company’s website mysteriously went down.

The apparent cause of this breach is the same thing that’s caused other recent ElasticSearch breaches.  In a shocking number of cases, admins don’t bother to set up passwords for their servers, which they later leave exposed on the internet.  An easy problem to fix, but it begs the question:  Are your servers password protected?

Chris Forte

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.

You May Also Like

cyber-attack-around-the-world CybersecurityIT Support New York

Which Warning Signs Indicate Malware on Your Computer?

Chris Forte
Chris ForteDecember 12, 2022
healthcare-security CybersecurityIT Support Healthcare

The Healthcare Industry Faces Serious Cybersecurity Threats

Chris Forte
Chris ForteNovember 22, 2022
developing-network-security-system-internet-data-security-concept-laptop CybersecurityIT SupportManaged IT Services

Network Management in a Nutshell

Chris Forte
Chris ForteJune 7, 2022

olmec-nct-logo

New Jersey / NYC

E. HelloNJ@olmec.com

A. 85 Bloomfield Avenue,
Denville, NJ 07834

P. (973) 586-6590

Atlanta (Metro)

E. HelloGA@olmec.com

A. 2250 Satellite Blvd, Suite 100, Duluth, GA 30097

P. (770) 462-2630

Need more information? Book a meeting with one of our responsive consultants today!

Let us know how we can help!

@2023 Olmec Systems, LLC. | Privacy Policy

A New Charter Technologies Company